Reputation: 655
Sign APK with downloaded cert from Google Play
We recently had a developer leave us and now I am in charge of uploading any updates to Google play. We opted in to App Signing so i was able to download the cert. I am not sure I did what was correct. I double clicked the .der file which installed the key into my Key manager on mac. Then i imported that key into the generated keystore for the apk using Keytool. I am able to choose it when I build the APK but then get an error saying
Cause: trusted certificate entries are not password-protected
Any help? Thanks!
Upvotes: 5
Views: 2073
Answers (2)
Reputation: 35
**The certificate cannot be used to sign the APK, it doesn't contain the private key. **
The solution is: instead of using Google's default signature, use our own signature. Google's default signature does not disclose the private key, so it cannot be used to sign the apk.
To proceed with a Google-generated app signing key, upload your app bundle. Alternatively, you can select Change app signing key to access the following options: Use a Google-generated app signing key: More than 90% of new apps use Google-generated app signing keys. Using a Google-generated key protects against loss or compromise (the key is not downloadable). If you choose this option, you can download distribution APKs from the App bundle explorer signed with the Google-generated key for other distribution channels, or use a different key for them. Use a different app signing key: Choosing the app signing key allows you to use the same key as another app in your developer account or keep a local copy of your app signing key for increased flexibility. For example, you might already have a key decided because your app is pre-installed on some devices. Having a copy of your key outside Google’s servers increases risk if the local copy is ever compromised. You have the following options for how to use a different key: Use the same app signing key as another app in this developer account Export and upload a key from Java keystore Export and upload a key (not using Java keystore) Opt out of Play App Signing (you should only choose this option if you plan to upgrade your app signing key to enroll into Play App Signing).
Upvotes: 0
Reputation: 17437
The certificate cannot be used to sign the APK, it doesn't contain the private key. You should find the keystore that contains the upload key, identify the alias of that key and use that to sign.
If you don't have the keystore anymore, you can generate a new private key and contact Google support to reset it: https://support.google.com/googleplay/android-developer/answer/7384423?hl=en.
Upvotes: 2
Related Questions
- how to deploy a signed APK from Android Studio
- Sign apk using certificate.pem and key.pk8 in Android Studio by using gradle
- how to generate signed apk in android studio
- How to create signed apk using upload_cert.der file
- How to sign an android apk file
- Use provided upload_cert.der to sign a release Android APK file
- Uploaded an APK that is not signed with the upload certificate-
- Confused with signing android APK?
- Trouble signing apk with desired certificate
- Android - Signing an apk